<?php
// profile.php
require_once 'config.php';      // 包含数据库配置
require_once 'auth_check.php';  // 验证登录状态

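// Load the full record of the logged-in user.
// NOTE(review): SELECT * copies every column of `users` into $user, presumably including
// credential columns such as a password hash -- confirm against the schema. It is kept
// because the included header/footer are not visible here and may read other columns;
// prefer an explicit column list once their needs are known.
try {
    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$_SESSION['user_id']]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$user) {
        // The session refers to a row that no longer exists: queue a message and
        // redirect to logout.php.
        $_SESSION['errors'] = ['用户不存在或已被删除'];
        header('Location: logout.php');
        exit;
    }
} catch (PDOException $e) {
    // Driver messages can reveal SQL text, table/column names or connection details,
    // so the detail goes to the server log only and the client gets a generic 500.
    error_log('profile.php: user lookup failed: ' . $e->getMessage());
    http_response_code(500);
    die('数据库错误');
}

include 'includes/header.php'; // shared page header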
?>

<div class="container mt-4">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <!-- 用户信息卡片 -->
            <div class="card">
                <div class="card-header bg-primary text-white">
                    <h3 class="mb-0">用户信息</h3>
                </div>
                <div class="card-body">
                    <!-- 信息展示区 -->
                    <div class="row mb-3">
                        <div class="col-md-4 fw-bold">用户名：</div>
                        <div class="col-md-8">
                            <?= htmlspecialchars($user['username']) ?>
                        </div>
                    </div>
                    
                    <div class="row mb-3">
                        <div class="col-md-4 fw-bold">电子邮箱：</div>
                        <div class="col-md-8">
                            <?= htmlspecialchars($user['email']) ?>
                        </div>
                    </div>
                    
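                    <div class="row mb-3">
                        <div class="col-md-4 fw-bold">账户角色：</div>
                        <div class="col-md-8">
                            <span class="badge bg-<?= $user['role'] === 'admin' ? 'danger' : 'success' ?>">
                                <?=
                                // The class suffix above can only be one of two literals, but the label is
                                // database content: HTML-escape it the same way as username and email.
                                htmlspecialchars(ucfirst((string) $user['role']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                                ?>
                            </span>
                        </div>
                    </div>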
                    
                    <div class="row mb-3">
                        <div class="col-md-4 fw-bold">注册时间：</div>
                        <div class="col-md-8">
                            <?=
                            // Assumes created_at always holds a parseable datetime -- TODO confirm the
                            // column is NOT NULL. strtotime() returns false on failure, and without
                            // strict_types date() would format that as the Unix epoch instead of failing.
                            date('Y-m-d H:i', strtotime($user['created_at']))
                            ?>
                        </div>
                    </div>
                </div>
                
                <!-- 操作按钮组 -->
                <div class="card-footer bg-light">
                    <div class="d-flex justify-content-between">
                        <a href="change_password.php" class="btn btn-warning">
                            <i class="bi bi-key"></i> 修改密码
                        </a>
                        <?php
                        // Presentation-only check: it decides whether the link is rendered, nothing more.
                        // Assumes admin/index.php enforces the admin role itself on every request --
                        // TODO confirm, that file is not visible here.
                        if ($user['role'] === 'admin'): ?>
                            <a href="admin/index.php" class="btn btn-info">
                                <i class="bi bi-gear"></i> 管理后台
                            </a>
                        <?php endif; ?>
                        <a href="logout.php" class="btn btn-danger">
                            <i class="bi bi-box-arrow-right"></i> 退出登录
                        </a>
                    </div>
                </div>
            </div>
            
            <!-- 安全提示 -->
            <div class="alert alert-info mt-4">
                <h5><i class="bi bi-shield-lock"></i> 安全提示</h5>
                <ul class="mb-0">
                    <li>请勿在公共设备保存登录状态</li>
                    <li>定期修改密码确保账户安全</li>
                    <li>发现异常操作请立即修改密码</li>
                </ul>
            </div>
        </div>
    </div>
</div>

<?php include 'includes/footer.php'; // shared page footer ?>